Overview MailScanner is a highly-respected open-source e-mail security system that scans all e-mail for viruses, spam and attacks against security vulnerabilities. It is not tied to any particular virus scanner and may be used with any combination of 14 different virus scanners. This document explains how to install MailScanner using a single copy of Postfix to handle both incoming and outgoing mail delivery.
The approach described here does not require Mailscanner to access the active queue. Instead Postfix puts all incoming email into a hold queue so Mailscanner can safely access these emails for scanning and then pass them back to the Postfix active queue for delivery.
Anti-virus and anti-spam filtering is provided by the following optional components:

AntiVir
BitDefender
ClamAV
SpamAssassin

Installing AntirVir
AntiVir is provided courtesy of AntiVir PersonalProducts GmbH. The private, non-commercial use of AntiVir Workstation for Linux is free. Please check their Web site for the latest version. To install AntiVir, use the following commands:

wget http://free-av.com/personal/en/unix/antivir-workstation-pers.tar.gz
gzip -d antivir-workstation-pers.tar.gz
tar -xvf antivir-workstation-pers.tar
cd antivir-workstation-pers-2.1.4-20/
./install
The default settings offered by the script are acceptable since MailScanner will ensure the virus definitions are kept up-to-date. To update AntiVir type from the command line:
antivir –update
To scan from the command line use:
antivir

Installing BitDefender
BitDefender is provided courtesy of SOFTWIN SRL. BitDefender Linux Edition is a freeware product, which doesn’t require a license to be used. Please check their Web site for the latest version. To install BitDefender, use the following commands:

Installing ClamAV
ClamAV is a free anti-virus toolkit for UNIX and is provided courtesy of the ClamAV Project. Clam AntiVirus is licensed under the GNU Public Licence. Packages used in this Howto are either built and/or maintained by Dag Wieers. Please check each Web site for the latest versions. To install ClamAV, use the following commands:

SpamAssassin is an open-source spam filter provided courtesy of The Apache SpamAssassin Project. Clam AntiVirus is licensed under the GNU Public Licence. Please check their Web site for the latest version. To install SpamAssassin simply use the following command:

yum install spamassassin

Remove cc-spamassassin before installing spamassassin.

yum remove cc-spamassassin

Install and configure MailScanner

MailScanner is developed by the Electronics and Computer Science Department at the University of Southampton and is distributed for free under the GNU Public Licence. Please check their Web site for the latest version.
Before you proceed any further you will need to install the ClarkConnect developer tools on your system. For instructions go to the following howto: Installing and Removing the Developer Tools. To install MailScanner, use the following commands:

Nescessary, execute the following commands before configuring MailScanner:

service postfix stop
chkconfig postfix off
Open /etc/postfix/main.cf and make sure that you add the following line: header_checks = regexp:/etc/postfix/header_checks

Next, open the file /etc/postfix/header_checks and add this line: /^Received:/ HOLD
This tells Postfix to move all messages to the HOLD queue. Now edit the file /etc/MailScanner/MailScanner.conf and change the following 6 settings, which are all near the top of the file:

Now you are ready to test MailScanner without using anti-virus or anti-spam filtering:
service MailScanner start
If you can successfully send and recieve mail start adding virus scanners and SpamAssassin one at a time. Modify /etc/MailScanner/MailScanner.conf accordingly: Virus Scanning = yes
Virus Scanners = antivir bitdefender clamav
Use SpamAssassin = yes
Notify Senders = no
Once you are satisfied that everything is working correctly, edit the organisation and server identification information: %org-name% = YOURSITENAME
%org-long-name% = The name of your organisation
%web-site% = http://www.yoursite.com
Finally, you need to amend the virus scanner wrapper so that ClamAV is automatically updated. Modify /etc/MailScanner/virus.scanners.conf: clamav /usr/lib/MailScanner/clamav-wrapper /usr/bin/clamdscan
You may test this by issuing the following from the shell:
/usr/lib/MailScanner/clamav-wrapper /usr/bin/clamdscan /tmp

Advertisements

Like this:

I’d just like to say this was an extremely helpful and informative post. I already have a postfix/mailscanner/spamassassin box running, I followed a howto called “the perfect spamsnake” on howtoforge. The tutorial was extremely detailed in WHAT to do, but not in WHY to do it. Your post explained how mailscanner accesses the messages from postfix, using the hold queue, which I have been trying to understand ever since I got the box up and running, so thank you for this!